AMENDMENTS TO THE CLAIMS 



1 . (original) A network configuration entity configured or adapted to exclusively control a 
defined set of management functions throughout a secure network, said secure network 
comprising a plurality of switching devices, said set of management functions comprising 
the recognition, operation and succession of the network configuration entity. 

2. (original) The network configuration entity of claim 1 further comprising a memory for 
storing an NCE list, said NCE list comprising an indication of each device in the network 
that may operate as said network configuration entity. 

3. (original) The network configuration entity of claim 1 wherein said set of management 
functions further comprise one or more rules for interaction between and among devices 
in the network. 

4. (original) The network configuration entity of claim 1 wherein said set of management 
functions further comprises device connection controls that indicate port relationships in 
said secure network 

5. (original) The network configuration entity of claim 4 further comprising a memory for 
storing a DCC list, said DCC list associated with said one or more rules for interaction 
between and among devices and comprising definitions that logically bind a port on the 
network configuration entity, to one or more other ports resident in the secure network. 

6. (original) The network configuration entity of claim 3 further comprising a memory for 
storing a DCC list, said DCC list associated with said one or more rules for interaction 
between and among devices and comprising definitions that logically bind each port in 
said secure network to one or more other ports resident in said said network. 

7. (currently amended) The invention network configuration entity of claim 6 wherein said 
ports are identified by a unique number. 

8. (currently amended) The invention network configuration entity of claim 7 wherein said 
unique number is a world-wide-name. 



Page 2 of 17 



9. (original) The network configuration entity of claim 1 wherein said set of management 
functions further comprises management access controls that restrict management 
services to a defined set of endpoints. 

10. (original) The network configuration entity of claim 9 further comprising a memory for 
storing an MAC list, said MAC list comprising an indication of network endpoints from 
which management access is acceptable. 

1 1 . (currently amended) The invention network configuration entity of claim 9 wherein said 
network endpoints comprise IP addresses. 

12. (currently amended) The invention network configuration entity of claim 1 1 wherein said 
IP addresses are associated with access from SNMP or Telnet or HTTP or API. 

13. (currently amended) The invention network configuration entity of claim 9 wherein said 
network endpoints comprise uniquely identified device ports. 

14. (currently amended) The invention network configuration entity of claim 9 wherein said 
network endpoints comprise uniquely identified devices resident in said secure network. 

15. (original) The network configuration entity of claim 1 wherein said set of management 
functions further comprises switch connection controls for designating devices to 
participate in the secure network. 

16. (original) The network configuration entity of claim 15 further comprising a memory for 
storing an SCC list, said SCC list associated with said switch connection controls and 
comprising a list of devices authorized to participate in said secure network. 



Page 3 of 17 



(currently amended) A network configuration entity configured or adapted to exclusively 
control a defined set of management functions throughout a secure network, said secure 
network comprising a plurality of switching devices, said set of management functions 
comprising (i) the recognition, operation and succession of the network configuration 
entity, (ii) switch connection controls for designating devices to participate in the secure 
network, (iii) device connection controls that indicate port relationships in said secure 
network, and (iv) management access controls that restrict management services to a 
defined set of endpoints, said network configuration entity comprising: 

a processor; and 

a memory for storing 

an NCE list, said NCE list comprising an indication of each device in the network that 

may operate as said network configuration entity, 
an SCC list, said SCC list comprising an indication of each device allowed to 

participate in said secure network, 
a DCC list, said DCC list associated with said one or more rules for interaction 

between and among devices and comprising definitions that logically bind a port 

on the network configuration entity, to one or more other ports resident in the 

secure network, and, 

a MAC list, said MAC list comprising an indication of network endpoints from which 
management access is acceptable. 
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(original) A Fibre Channel switching device configured or adapted to operate in a secure 
network wherein a defined set of management functions is controlled throughout said 
secure network by a network configuration entity, said secure network comprising a 
plurality of switching devices, said set of management functions comprising (i) the 
recognition, operation and succession of the network configuration entity, (ii) switch 
connection controls for designating devices to participate in the secure network, (iii) 
device connection controls that indicate port relationships in said secure network, and (iv) 
management access controls that restrict management services to a defined set of 
endpoints, said Fibre Channel switching device comprising: 

a processor; and 

a memory for storing 

an NCE list, said NCE list associated with said recognition, operation and succession 
of the network configuration entity and comprising an indication of each device 
in the network that may operate as said network configuration entity, 

an SCC list, said SCC list associated with said switch connection controls and 
comprising an indication of each device allowed to participate in said secure 
network, 

a DCC list, said DCC list associated with said device connection controls and 
comprising definitions that logically bind a port on the network configuration 
entity, to one or more other ports resident in the secure network, and, 

a MAC list, said MAC list associated with said management access controls and 
comprising an indication of network endpoints from which management access is 
acceptable. 
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19. (original) A Fibre Channel switching device configured or adapted to operate in a secure 
network wherein a defined set of management functions is controlled throughout said 
secure network by a network configuration entity, said secure network comprising a 
plurality of switching devices, said set of management functions comprising (i) the 
recognition, operation and succession of the network configuration entity, and (ii) switch 
connection controls for designating devices to participate in the secure network, said 
Fibre Channel switching device comprising: 

a processor; and 

a memory for storing 

an NCE list, said NCE list associated with said recognition, operation and succession 
of the network configuration entity and comprising an indication of each device 
in the network that may operate as said network configuration entity, and 

an SCC list, said SCC list associated with said switch connection controls and 
comprising an indication of each device allowed to participate in said secure 
network. 

20. (original) A Fibre Channel switching device configured or adapted to operate in a secure 
network wherein a defined set of management functions is controlled throughout said 
secure network by a network configuration entity, said secure network comprising a 
plurality of switching devices, said set of management functions comprising (i) the 
recognition, operation and succession of the network configuration entity, and (ii) device 
connection controls that indicate port relationships in said secure network, said Fibre 
Channel switching device comprising: 

a processor; and 

a memory for storing 

an NCE list, said NCE list associated with said recognition, operation and succession 
of the network configuration entity and comprising an indication of each device 
in the network that may operate as said network configuration entity, and 

a DCC list, said DCC list associated with said device connection controls and 
comprising definitions that logically bind a port on the network configuration 
entity, to one or more other ports resident in the secure network. 
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21. (original) A Fibre Channel switching device configured or adapted to operate in a secure 
network wherein a defined set of management functions is controlled throughout said 
secure network by a network configuration entity, said secure network comprising a 
plurality of switching devices, said set of management functions comprising (i) the 
recognition, operation and succession of the network configuration entity, and (ii) 
management access controls that restrict management services to a defined set of 
endpoints, said Fibre Channel switching device comprising: 

a processor; and 

a memory for storing 

an NCE list, said NCE list associated with said recognition, operation and succession 
of the network configuration entity and comprising an indication of each device 
in the network that may operate as said network configuration entity, and 

a MAC list, said MAC list associated with said management access controls and 
comprising an indication of network endpoints from which management access is 
acceptable. 

22. (original) A Fibre Channel switching device configured or adapted to operate in a secure 
network wherein a defined set of management functions is controlled throughout said 
secure network by a network configuration entity, said secure network comprising a 
plurality of switching devices, said set of management functions comprising (i) switch 
connection controls for designating devices to participate in the secure network, and (ii) 
device connection controls that indicate port relationships in said secure network, said 
Fibre Channel switching device comprising: 

a processor; and 

a memory for storing 

an SCC list, said SCC list associated with said switch connection controls and 
comprising an indication of each device allowed to participate in said secure 
network, and 

a DCC list, said DCC list associated with said device connection controls and 
comprising definitions that logically bind a port on the network configuration 
entity, to one or more other ports resident in the secure network. 
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23. (original) A Fibre Channel switching device configured or adapted to operate in a secure 
network wherein a defined set of management functions is controlled throughout said 
secure network by a network configuration entity, said secure network comprising a 
plurality of switching devices, said set of management functions comprising (i) switch 
connection controls for designating devices to participate in the secure network, and (ii) 
management access controls that restrict management services to a defined set of 
endpoints, said Fibre Channel switching device comprising: 

a processor; and 

a memory for storing 

an SCC list, said SCC list associated with said switch connection controls and 
comprising an indication of each device allowed to participate in said secure 
network, and 

a MAC list, said MAC list associated with said management access controls and 
comprising an indication of network endpoints from which management access is 
acceptable. 

24. (original) A Fibre Channel switching device configured or adapted to operate in a secure 
network wherein a defined set of management functions is controlled throughout said 
secure network by a network configuration entity, said secure network comprising a 
plurality of switching devices, said set of management functions comprising (i) device 
connection controls that indicate port relationships in said secure network, and (ii) 
management access controls that restrict management services to a defined set of 
endpoints, said Fibre Channel switching device comprising: 

a processor; and 

a memory for storing 

a DCC list, said DCC list associated with said device connection controls and 
comprising definitions that logically bind a port on the network configuration 
entity, to one or more other ports resident in the secure network, and, 

a MAC list, said MAC list associated with said management access controls and 
comprising an indication of network endpoints from which management access is 
acceptable. 
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25. (original) A network comprising a network configuration entity and one or more other 
entities, said network configuration entity having network-wide control over a defined set 
of management functions, said set of management functions comprising: 

the recognition, operation and succession of the network configuration entity; 
one or more rules for interaction between and among entities in the network; 
one or more rules governing management level access to the network; and 
one or more rules governing management level access to one or more entities. 

26. (original) The network of claim 25 wherein said function of recognition, operation and 
succession of the network configuration entity is associated with a list of network devices 
that are eligible to become equivalent to said network configuration entity. 

27. (original) The network of claim 25 wherein the network configuration entity has 
exclusive control over one or more of said management functions. 

28. (original) The network of claim 25 further comprising one or more back-up network 
configuration entities. 

29. (original) The network of claim 25 wherein each of said security and management 
functions corresponds with a data structure in a memory. 

30-53 (cancelled) 

54. (original) A method of securing a network having a Fibre Channel switching device 
configured or adapted to operate in a secure network wherein a defined set of 
management function is controlled throughout said secure network by a network 
configuration entity, said method comprising the steps of: 

controlling the recognition, operation and succession of the network configuration 
entity by designating an NCE list comprising an indication of each device in the 
network that may operate as said network configuration entity; 
designating a unique name for each devices that may participate in the secure network; 
indicating port relationships in said secure network to specifically delineate a list of 

unique names for ports that any given port may communicate with; and 
restricting management access to a pre-defined set of access methods. 
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